Qualys Announces PCI On Demand Partner Program

New Program Enables Security Consulting Firms to Deliver Cost-Effective and High Quality PCI Applications and Services

Slough, UK - 7 November 2006 - Qualys, provider of on demand vulnerability management and policy compliance, today announced the Qualys PCI On Demand Partner Program, a full-service channel program designed to equip Security Consulting firms and Managed Security Service Providers (MSSP) cost-effectively with the industry’s most accurate and comprehensive PCI compliance platform.

In a related announcement today, the company unveiled the QualysGuard PCI On Demand platform, the industry’s only on demand vulnerability management platform certified for PCI compliance.

In order to accept credit cards as payment for goods and services, merchants must comply with the Payment Card Industry (PCI) requirements, a set of security technology standards outlined by an independent council that forces merchants to protect cardholder information. Given the strict penalties for noncompliance, retailers and the financial institutions working with them need a streamlined process that can accurately and efficiently assess vulnerabilities on their network, prioritize vulnerabilities based on risk and remediate the vulnerabilities in a timely and cost-effective manner.

Using the QualysGuard PCI platform, Qualys’ global partners can deliver self-service PCI scanning capabilities to merchants and financial institutions, while closely managing the PCI process to reduce compliance risk for their customers. As a certified PCI scanning solution, QualysGuard PCI On Demand gives partners the tools they need to evaluate the security of a merchant’s entire network quickly and accurately and then prioritize remediation efforts based on the risk the vulnerabilities pose to the organisation’s PCI compliance posture. More than 60 of the approximately 150 services organisations currently certified to deliver PCI certification are Qualys certified partners and have adopted the Qualys PCI On Demand platform for providing PCI-related services to their clients.

‘We have seen regionally in the UK and EU, a massive rise in fraudulent activity, through the misuse of credit cards and personal financial data,’ says Andrew Henwood, Chief Technology Officer, One-SEC Ltd, a Qualys PCI certified reseller, Qualified Security Assessor for PCI and security solutions provider. ‘Compliance can be intimidating for any organisation accepting credit or debit card payments, as they work towards PCI Data Security Standards. The QualysGuard PCI On Demand platform reduces the cost and complexity of security and compliance for organisations through the software-as-a-service model. With its competitive price point, PCI On Demand has enabled One-SEC to engage with organisations with restricted resources and budgets for IT initiatives to outline an end-to-end strategy for ensuring its continued compliance with PCI regulations.’

“PCI compliance is extremely intimidating for organisations relying on the payment card industry for the majority of their transactions,” says Dr. Michael G. Mathews, chief technology officer at CynergisTek, a Qualys PCI certified reseller and security solutions provider. “The QualysGuard PCI On Demand platform reduces the cost and complexity of security and compliance for organisations through the software-as-a-service model. With its competitive price point, PCI On Demand has enabled CynergisTek to engage with organisations with restricted resources and budgets for IT initiatives to outline an end-to-end strategy for ensuring its continued compliance with PCI regulations.”

The Qualys PCI On Demand Partner Program offers Qualys partners the following benefits:

Resellers are able to provide a high-value, in-demand service to address their customers’ increasing data security and regulatory compliance concerns.

Consultants are able to reduce their engagement costs for one-time and ongoing security services dramatically, while providing superior results and a third-party service to document results over time.

An automated process to handle and resolve false-positives identified on customers networks during PCI engagements.

“Qualys’ partners and security consultants represent a significant portion of our business and have helped us establish QualysGuard as the standard tool for PCI certification,” said Philippe Courtot, CEO of Qualys. “The on demand model presents a terrific business opportunity for partners wanting to deliver technology-enabled PCI services and reduce compliance cost to their customers. The QualysGuard PCI On Demand platform is another example of how Qualys reduces the cost, complexity and risk associated with security and compliance.”

Pricing and Availability

Two levels of partnerships are available though the PCI On Demand Partner Program. The program gives partners generous margins based on their level of certification. Partners that are interested in becoming a Qualys PCI On Demand certified partner can go to https://www.qualys.com/partners/pci/

About Qualys

Qualys, Inc., the leader in on demand vulnerability management and policy compliance serves more than 2,200 enterprise subscribers around the world including 200 of the Forbes Global 2000. QualysGuard Software as a Service (SaaS) solutions help security managers effectively strengthen the security of their networks, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ cost effective on demand technology requires no capital outlay, infrastructure or maintenance and can be deployed in a matter of hours anywhere in the world. Qualys global customers include AXA, DuPont, eBay, ICI Ltd, Kaiser Permanente, Novartis, Oracle and many others. Qualys is headquartered in Redwood City, California, with business units in Europe and Asia. For more information, please visit www.qualys.com.

###

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

For media inquiries or to find the appropriate spokespersonContact: Jane FolwellFolwell PR01344 845132jane@folwellpr.co.uk